MAL: Strings

For this box I used Remmina whilst on Kali.

Link: MAL: Strings Room on TryHackMe

Task 1

Question 1

What is the name of the account that had the passcode of "12345678" in the intellian example discussed above?

See NVD

Answer: intellian

Question 2

What is the CVE entry disclosed by the company "Teradata" in their "Viewpoint" Application that has a password within a string?

From NVD

Answer: CVE-2019-6499

Question 3

According to OWASP's list of "Top Ten IoT" vulnerabilities, name the ranking this vulnerability would fall within, represented as text.

From OWASP

Answer: one

Task 2

Question 1

What is the correct username required by the "LoginForm"?

Answer: cmnatic

Question 2

What is the required password to authenticate with?

Answer: TryHackMeMerchWhen

Question 3

What is the "hidden" THM{} flag?

Answer: THM{Not_So_Hidden_Flag

Task 3

Question 1

What is the key term to describe a server that Botnets receive instructions from?

Answer: Command and Control

Question 2

Name the discussed example malware that uses "strings" to store the bitcoin wallet addresses for payment

Answer: WannaCry

Task 4

Question 1

List the number of total transactions that the Bitcoin wallet used by the "Wannacry" author(s)

Answer: 143

Question 2

What is the Bitcoin Address stored within "ComplexCalculator.exe"

Answer: 1LVB65imeojrgC3JPZGBwWhK1BdVZ2vYNC

Task 5

Question 1

What is the name of the toolset provided by Microsoft that allows you to extract the "strings" of an application?

Answer: Sysinternals

Question 2

What operator would you use to "pipe" or store the output of the strings command?

Answer: >

Question 3

What is the name of the currency that ransomware often uses for payment?

Answers: bitcoin